What is an AML/CTF program?
AML/CTF programs are required under the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (AML/CTF Act) as a way for reporting entities (businesses) to identify, mitigate and manage the risk of their products or services facilitating money laundering or terrorism financing. Requirements for AML/CTF programs came into effect on 12 December 2007.
AML/CTF programs are risk based. This means reporting entities can develop their own programs with minimal cost, tailored to their situation and money laundering and terrorism financing risks. This approach recognises that the reporting entity is in the best position to assess the risk of their customers, products and services and to allocate resources to counter those risks. The risk-based approach also ensures there is minimum impact on customers.
AUSTRAC will monitor compliance with the requirement to adopt an AML/CTF program.
How is an AML/CTF program set up?
The AML/CTF Rules set out the main requirements for an AML/CTF program, in Anti-Money Laundering and Counter-Terrorism Financing Rules Instrument 2007 (No. 1).
In developing an AML/CTF program, a reporting entity will need to consider:
- the risk profile of its customers
- the AML/CTF risk of designated services provided
- the methods by which designated services are delivered
- risk profiles of foreign jurisdictions dealt with
- risks resulting from the provision of designated services through permanent offices in foreign countries.
There are three types of AML/CTF program:
- standard, which applies to individual reporting entities (businesses)
- joint, which applies to reporting entities (businesses) which are members of a designated business group
- special, which only applies to holders of an Australian Financial Services licence (AFS licence) offering a 'designated service' under item 54 of table 1 in section 6 of the AML/CTF Act.
What are Parts A and B of an AML/CTF program?
Standard and joint AML/CTF programs have two key parts - Part A (general) and Part B (customer identification).
Part A relates to the identification, management and reduction of the risk of money laundering and terrorism financing faced by a reporting entity and includes:
Part B relates to customer identification procedures and includes:
- ensuring systems are in place to assess the risk of products and designated services that a business provides
- screening employees prior to engagement and ongoing monitoring of staff
- training employees in AML/CTF trends, risk-based processes and the consequences of non-compliance
- training and ongoing monitoring of agents and third parties where applicable
- ongoing customer due diligence (from 12 December 2008) including monitoring of customer transactions.
- establishing methods for identifying customers (and their agents), to enable the reporting entity to be reasonably satisfied that a customer is who they claim to be
- collecting and verifying minimum 'know your customer' (KYC) information.
Further information about AML/CTF programsAUSTRAC has produced various educational tools and publications to assist reporting entities with their AML/CTF program obligations. These include:
- AML/CTF programs brochure
- AUSTRAC guidance note Risk management and AML/CTF programs
- AUSTRAC Regulatory Guide (in particular, chapters 2, 3 and 4)
- e-learning course 'Introduction to AML/CTF'.
The above can be accessed from the Quicklinks on this page.